IE head Dean Hachamovich says Microsoft started looking into this last week after news broke that Google was bypassing the default privacy settings in the Safari Web browser on iPhones and iPads. Google was caught by the Wall Street Journal and stopped playing that particular trick, but went on the offensive to try and explain its behavior away.
Like the Safari compromise, the IE9 compromise involves cookies -- small bits of code that Web sites put into your Web browser. Those cookies usually don't contain any personal information, but can keep track if you've visited a particular Web site so you don't have to log in again every time you come back to the site. (Think how annoying it would be if you had to re-enter your Facebook ID every time you came back to Facebook, for instance.)
IE9 blocks cookies from any site that does not honor a technology called P3P, which lets Web sites describe to browsers exactly how they're going to use tracking cookies.
Google doesn't honor P3P. So its cookies should be blocked.
But instead, Google employs a loophole -- instead of leaving a blank in the spot where it would deliver a P3P policy that only a browser could understand, it delivers a human-readable message saying "This is not a P3P policy!" and a link to this page explaining why Google doesn't like P3P.
If the browser can't understand a P3P message, it accepts the cookie anyway.
So, under the guise of transparency, Google is actually bypassing a privacy setting put in place by a major competitor.
Like the Safari snafu, this is pretty small time stuff as far as privacy goes. Tracking cookies have been around for years, their behavior is well known, they're easy to block, and the information they deliver -- your browsing history -- usually doesn't contain personally identifiable information.
But still, it's another dumb blunder from a company that is increasingly being watched by government regulators and competitors very, very closely.
If you use IE9 and want to block Google from using this loophole to track you, Microsoft has instructions here.
More From Business Insider